Used as a backbone network between electronic control units (ECUs) installed onboard a vehicle is, for example, a controller area network (CAN). A CAN has an interface for enabling an addition of an ECU, and therefore, it is quite possible for a malicious third party to access the CAN via the interface, and to transmit an illegitimate communication frame (message) from the external. The header part of a communication frame for a CAN has an identification field in which a frame identifier (arbitration ID) indicating the type of the communication frame is stored. The arbitration ID is fixed for each type of the communication frame. For example, some third party can eavesdrop a communication frame over the CAN, identify (analyze) the arbitration ID stored in the header part, create an illegitimate communication frame using the identified arbitration ID, and transmit the frame.
Known as a technology for improving the security in the CAN is a technology for transmitting a communication frame in which a digital signature using a public key encryption and ordinary data are stored in the field for storing data to be transmitted (data field), for example, and for causing the receiver to validate the digital signature and to confirm the legitimacy of the transmitter thereby. Also known is a technology for detecting an abnormal message by including, in the header part of the communication frame, for example, a sequence number mapped to an identifier indicating the type of a communication frame, as security information, along with the identifier. Also, known is a technology for updating the frame identifier indicating the type of the communication frame, for each transmission of a communication frame, for example.